THE MAILING DATE OF THIS COMMUNICATION.
DETAILED ACTION

Claim Rejections - 35 USC § 103 

1. The following is a quotation of 35 U.S.C. 103(a) which forms the basis for all 
obviousness rejections set forth in this Office action: 

(a) A patent may not be obtained though the invention is not identically disclosed or described as set 
forth in section 102 of this title, if the differences between the subject matter sought to be patented and 
the prior art are such that the subject matter as a whole would have been obvious at the time the 
invention was made to a person having ordinary skill in the art to which said subject matter pertains. 
Patentability shall not be negatived by the manner in which the invention was made. 

2. Claims 1, 9 rejected under 35 U.S.C. 103(a) as being unpatentable over Brown
et al., US Patent No 6732179 (hereafter referred to as '179) in view of Oehrke et al., US 
Patent No 6735631 (hereafter referred to as '631). 

As to claim(s) 1, 9:

3. '179 teaches a computer system providing secure connections between a first 
node and a plurality of third load balanced nodes using authentication and shared 
secrets comprising: 

• First node connected to second node and plurality of third nodes / Client (First 
node) communicates with servers (Third nodes) (Col 7, Line 15, '179) Walled 
garden proxy server (second node) (Col 2, Line 53, '179) 

• Communication between first node and third node is encrypted / client
communicates with servers using SSL (Col 7, Line 15, '179)

• Selecting a third node and setting up an encrypted connection / A single service
can reside on multiple servers such as when load balancing is being employed
(Col 9, Line 42, '179)

• First node and plurality of third nodes form a virtual private network / CMTS 
allows client to access a private network (Col 2, Line 53, '179). Servers coupled 
to the walled garden network in virtual private network (Col 2, Line 64, '179) 

• Communications encrypted with message encryption key established after an 
authentication process / Client authentication, Encrypted SSL connection using 
shared secrets (message encryption key) (Page 2, Lines 6-18 and 27, Intro to 
SSL) 

• Key management service selects third node and attempts to perform 
authentication / Client sends settings to the selected server (Page 6, Line 32, 
Introduction to SSL) 

• After authentication, message encryption key is stored at first and third nodes / 
client and server use session keys to encrypt transmission data (Page 7, Line 28, 
Introduction to SSL) 

4. '179 does not specifically teach detecting failure of the selected third node. '631 
teaches a load balancing system for detecting errors and redirecting users to alternate 
redundant servers (Col 4, Line 1 et seq., '631). It would have been obvious to a person 
of ordinary skill in the art at the time of invention to use the error detection/redirection 
load balancing strategy listed in '631 with the load balanced redundant servers listed in 
'179. One of ordinary skill in the art would have been motivated to use the error 
detection/redirection load balancing strategy listed in '631 with the load balanced
redundant servers listed in '179 because it is beneficial to users that they receive no 
perceivable loss in services. 

5. Claims 2-7 and 10-13 rejected under 35 U.S.C. 103(a) as being unpatentable
over '179 in view of '631 in further view of Allison et al., US Patent No 5917900 
(hereafter referred to as '900). 

As to claim(s) 2: 

6. '179 as modified above teaches a computer communications system providing
secure connections between a first node and a plurality of third load balanced nodes 
using authentication and shared secrets. '179 as modified above does not specifically 
teach for the communications system which also manages keys to randomly select the 
third node from the plurality. '900 teaches the load balancing strategy of random 
selection of servers (Col 1, Line 33, '900). It would have been obvious to a person of
ordinary skill in the art at the time of invention to use the random selection load 
balancing strategy of '900 during normal unfailing operation of the servers in '179. One
of ordinary skill in the art would have been motivated to use the random selection load 
balancing strategy of '900 during normal unfailing operation of the servers in '179 
because random selection guarantees an average equal distribution between servers 
reducing the load on any given server, which could otherwise lead to slowed or failed 
server operations.

7. As to claim(s) 10:
Claim 10 further comprises: 

Request for a message key / Generating a message encryption key for first and third 
nodes / client and server use session keys to encrypt transmission data (Page 7, Line 
28, Introduction to SSL) 

Performing an authentication process with selected third node / Client authentication, 
Encrypted SSL connection using shared secrets (message encryption key) (Page 2, 
Lines 6-18 and 27, Intro to SSL) 

8. As to claim(s) 3: 

First node and respective third nodes includes respective IP filter [connection protocol 
selected packet flow] which detects third node failure / IP filter of the first node sends 
failure detection signal [SSL communication in TCP/IP with expected response] to third 
node / IP filter of third node sends a response if operational / due to cached IP 
addresses, if the server becomes unavailable, the user experiences outages [of 
unreturned outbound queries from server filtering all inbound packets] (Col 2, Line 16, 
'631) 

If no response, first node selects other third node with other message encryption key / If 
no third node key is available another key is generated from key management service / 
A single service can reside on multiple servers such as when load balancing is being 
employed (Col 9, Line 42, '179) with new SSL connection and generated session key

9. As to claim(s) 4, 11:

Failure detection signal is transmitted when a respective message encryption key has
been established and no communication from selected third party has been received 
within a predetermined time interval / any unreturned queries sent after an SSL 
connection is established can be considered failure detection signals. TCP as standard 
used on the Internet with SSL uses several timeout functions (See Pages 297-300, 
TCP/IP Illustrated) 

10. As to claim(s) 5, 12: 

When message encryption keys have been established for more than one third node, 
failure detection signal is only sent to selected third node / If multiple SSL server 
connection instances exist on first node a query only detects failure when third node 
does not respond 

11. As to claim(s) 6, 7, 13: 

Transmission of failure detection signal [SSL communication in TCP/IP with expected 
response] is deferred until after the first node has transmitted encrypted 
communications to the selected third node / Failure detection signal is encapsulated in 
communications / failure detection signal [SSL communication in TCP/IP with expected 
response] can only exist after encrypted SSL communications have begun

12. Claim 8 rejected under 35 U.S.C. 103(a) as being unpatentable over '179 in view
of '631 in further view of '900 in further view of "Undernet IRC Servers" (hereafter
referred to as MIRC). 



As to claim(s) 8: 

13. '179 as modified above teaches a computer system providing secure 
connections between a first node and a plurality of third load balanced nodes using 
authentication and shared secrets. '179 as modified above does not teach the use of 
randomly selecting a server from a list of potential servers stored in a file on the first 
node. MIRC teaches the use of randomly selecting a server from a list of potential 
servers stored in a file on the first node (Page 1, Line 2 and 19, MIRC). It would have
been obvious to a person of ordinary skill in the art at the time of invention to use the 
system of random server selection from a file as done in MIRC with the invention of '179 
as modified above. One of ordinary skill in the art would have been motivated to use 
the system of random server selection from a file as done in MIRC with the invention of 
'179 as modified above because this mechanism works as an additional load balancing 
system to speed server-client interactions.



Conclusion 



14. Any inquiry concerning this communication or earlier communications from the 
examiner should be directed to Jonathan R Adams whose telephone number is 
(571) 272-3832 after 10/04. The examiner can normally be reached on Monday - Friday
from 10am to 6pm. 

15. If attempts to reach the examiner by telephone are unsuccessful, the examiner's
supervisor, Gregory Morse, can be reached on (703) 308-4789. The fax phone number 
for the organization where this application or proceeding is assigned is (703) 872-9306. 
Any inquiry of a general nature or relating to the status of this application or proceeding 
should be directed to the receptionist whose telephone number is (703) 305-3900. 




GREGORY MORSE 
SUPERVISORY PATENT EXAMINER 
TECHNOLOGY CENTER 2100 



